Composer 2.10: Malware Filtering and Dependency Policies for PHP July 2, 2026 composer php supply-chain-security security tools-for-php-developers Composer 2.10 adds native malware blocking and a unified config.policy framework for PHP supply chain security. Here is how it works and how to tune it. Read more →
Inside the PHP Foundation's Ecosystem Security Team: One Month In June 28, 2026 php-foundation security php composer open-source The PHP Foundation's new Ecosystem Security Team scanned 300+ Composer packages in its first month. Here is what shipped and how to get involved. Read more →
PHP Foundation 2025: 42% of PHP Core, a New Security Team, and What's Next June 7, 2026 php php-foundation php-internals security open-source pie php85 The PHP Foundation's 2025 impact report reveals 2,929 commits, a new Ecosystem Security Team funded by Alpha-Omega, and bold goals for 2026. Read more →
Composer 2.9 and 2.10: Security Blocking, Better Repo Management, and What PHP Developers Need to Know May 28, 2026 php composer tools security package-management devtools Composer 2.9 and 2.10 bring automatic security blocking, a new repo CLI command, and malware filtering. Here's what changed and how to use it. Read more →
PHP 8.5's URI Extension: Modern URL Parsing Done Right May 1, 2026 php php85 uri url-parsing web-development security laravel symfony backend PHP 8.5's built-in URI extension replaces the broken parse_url() with RFC 3986 and WHATWG-compliant classes for immutable, safe URL handling. Read more →
Symfony 7.3: ObjectMapper, JsonPath, and the Features That Actually Change How You Work April 29, 2026 symfony php objectmapper jsonpath symfony73 components console security Symfony 7.3 ships two powerful new components — ObjectMapper and JsonPath — plus console upgrades and security wins worth knowing about. Read more →